Presentation on theme: "Protecting People and Information"— Presentation transcript:
1 Protecting People and Information MIS Chapter 8Jack G. ZhengMay 29th 2008
2 Intellectual Property refers to creations of the mind (inventions, literary and artistic works, and symbols, names, images, and designs) used in commerceTwo categories2Industrial propertyinventions (patents), trademarks, industrial designs, and geographic indications of sourceCopyrightliterary and artistic works such as novels, poems and plays, films, musical works, drawings, paintings, photographs and sculptures, and architectural designs.1, 2 Source: World Intellectual Property Organization,
3 Intellectual Property Fair use doctrinemay use copyrighted material in certain situationsPirated softwarethe unauthorized use, duplication, distribution or sale of copyrighted softwareCounterfeit softwaresoftware that is manufactured to look like the real thing and sold as suchFair use:TV recordingTeaching in class
4 IP and Open SourceWhich way (protection vs. open sharing) is best to advance software industry?
5 Privacy"… the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.“Dr. Alan Westin, “Privacy and Freedom” (book), 1967
6 Privacy and Web Customer database Adware Cookie Profiles Behavior patterns (purchasing, searching and navigation)ClickstreamAdwareExample: 180 search assistantTrojan horseSpywareCookieA small text file containing user information on the local computerShow customer data flash (the Matrix, TIA-total information awareness)Show cookie example
7 Privacy andusually are not protected and are left open for potential scanningGmail scans content of s and puts in related ads1July 1st 2004, “Court Limits Privacy Of Messages”2“A company that provides service has the right to copy and read any message bound for its customers”SpamUnsolicited1http://www.privacyrights.org/ar/GmailAGadvisory.htm2http://www.washingtonpost.com/wp-dyn/articles/A Jun30.html
8 Internet Fraud Identity theft Phishing (fishing) Forging of identity for the purpose of fraudPhishing (fishing)Deceptively to get people’s informationFaked website to get user informationAdvance Fee FraudNigeria scams…Washington mutual customer data update case/ebay …What are other types? How to identify and deal with it? Topic paper.
9 Privacy and Employees Workplace PC monitoring Read the handout and discussLegislation had been approved by the state Senate (California) in May 2004, employers would be required to give written notice explaining what types of electronic activities they monitor, from to the use of GPS locator devices in company cars and phones
11 Security Threats In-house security Hacking Computer virus and worm Employee misconductHackingUnauthorized access to, or use of the computer, information and systemsHackerComputer virus and wormVirus is the software with malicious intent to cause damageWorm is a self-propagating virusDoS (Denial-of-Service Attack)floods a server with so many requests for service that it slows down or crashesThreat sources: see more in extended module H
12 Security Management Myth Truth Security is about technology: software and hardwareTruthSecurity is also about policy: awareness, alertness and enforcement
13 Security Precautions (1) Authentication and authorizationAuthentication is the process to identify a person (who)Authorization is the process to identify privileges (what and how)Authentication methodsWhat you know: PasswordWhat you have (loosely): ID cards, CertificateWhat you have (tightly): BiometricsShow example of certificateAnd
14 Security Precautions (2) EncryptionSymmetric encryptionAsymmetric (public key) encryptionSSL (secure socket layer)FirewallSoftware/hardware that can selectively block computer communicationsAnti-virus softwareIntrusion detectionShow example of SSL (https://)
15 Good Resources Ethics in computing Napster on CNN Special Privacy Napster on CNN SpecialPrivacyComputer virus information